Changing the Password of an EBS - OID Provisioned User in OIM Fails: ORA-20001: Insufficient access. (USER_NAME=<USERNAME>) / ORA-06512: at "APPS.OIM_FND_USER_<SUFFIX>". Or, from API: ORA-31202: DBMS_LDAP: LDAP client/server error: Insufficient access
(Doc ID 2741777.1)
Last updated on APRIL 01, 2024
Applies to:
Oracle Internet Directory - Version 11.1.1 and laterOracle E-Business Suite Technology Stack - Version 11.0.1 and later
Information in this document applies to any platform.
Symptoms
Provisioned a new user in EBusiness Suite (EBS). Its password is changeable from EBS user form but when changing its password from Oracle Identity Manager (OIM) returns the error below:
ORA-20001: Insufficient access. (USER_NAME=<USERNAME>)
ORA-06512: at "APPS.OIM_FND_USER_<SUFFIX>", line 658
ORA-06512: at line 1
>
<Oct 30, 2020 12:58:32 AM PKT> <Error> <ORG.IDENTITYCONNECTORS.EBS.EBSCONNECTOR> <BEA-000000> <org.identityconnectors.ebs.EBSConnector : rollback : Perf: Rolling the changes back started>
<Oct 30, 2020 12:58:32 AM PKT> <Error> <ORG.IDENTITYCONNECTORS.EBS.EBSCONNECTOR> <BEA-000000> <org.identityconnectors.ebs.EBSConnector : rollback : Perf: Rolling the changes back completed>
<Oct 30, 2020 12:58:32 AM PKT> <Error> <ORACLE.IAM.CONNECTORS.ICFCOMMON.PROV.ICPROVISIONINGMANAGER> <BEA-000000> <oracle.iam.connectors.icfcommon.prov.ICProvisioningManager : doUpdate : Error while updating user
org.identityconnectors.framework.common.exceptions.ConnectorException: Error while updating User : MESSAGE_OBJECT_CLASS___ACCOUNT__ 6216 Error : org.identityconnectors.framework.common.exceptions.ConnectorException: Error while updating User : MESSAGE_OBJECT_CLASS___ACCOUNT__ 6216 Error : java.sql.SQLException: ORA-20001: Unabled to call fnd_ldap_wrapper.update_user due to the following reason:
ORA-20001: Insufficient access. (USER_NAME=<USERNAME>)
ORA-06512: at "APPS.OIM_FND_USER_<SUFFIX>", line 658
ORA-06512: at line 1
at org.identityconnectors.ebs.EBSConnector.update(EBSConnector.java:269)
at org.identityconnectors.framework.impl.api.local.operations.UpdateImpl.update(UpdateImpl.java:93)
at sun.reflect.GeneratedMethodAccessor3772.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:606)
at org.identityconnectors.framework.impl.api.local.operations.ConnectorAPIOperationRunnerProxy.invoke(ConnectorAPIOperationRunnerProxy.java:93)
at com.sun.proxy.$Proxy535.update(Unknown Source)
Or, from a sample test api:
fnd.plsql.oid.fnd_ldap_user.ProcessUpdateRec: Begin
fnd.plsql.oid.fnd_ldap_user.ProcessUpdateRec: ORA-31202: DBMS_LDAP: LDAP client/server error: Insufficient access
fnd.plsql.oid.fnd_ldap_util.unbind: Begin
fnd.plsql.oid.fnd_ldap_util.unbind: End
fnd.plsql.oid.fnd_ldap_user.update_user[proc]: ORA-31202: DBMS_LDAP: LDAP client/server error: Insufficient access
fnd.plsql.oid.fnd_ldap_errm.translate_ldap_errors: Begin
fnd.plsql.oid.fnd_ldap_errm.translate_ldap_errors: Error Msg : ORA-31202: DBMS_LDAP: LDAP client/server error: Insufficient access
fnd.plsql.oid.fnd_ldap_errm.translate_ldap_errors: l_err_code : FND_SSO_LDAP_PWD_POLICY_ERR
fnd.plsql.oid.fnd_ldap_errm.translate_ldap_errors: l_tmp_str: Insufficient access
fnd.plsql.oid.fnd_ldap_errm.translate_ldap_errors: End
fnd.plsql.APP_EXCEPTION.RAISE_EXCEPTION.dict_auto_log Insufficient access
fnd.plsql.APP_EXCEPTION.RAISE_EXCEPTION.dict_auto_log "Unabled to call fnd_ldap_wrapper.update_user due to the following reason:
ORA-20001: Insufficient access. (USER_NAME=<USERNAME>)"
fnd.plsql.APP_EXCEPTION.RAISE_EXCEPTION.dict_auto_log "Unabled to call fnd_ldap_wrapper.update_user due to the following reason:
ORA-20001: Insufficient access. (USER_NAME=<USERNAME>)"
fnd.plsql.MO_GLOBAL.INIT.begin Calling PL/SQL procedure MO_GLOBAL.INIT
Removing FND_USER.USER_GUID entry for the user allows the password to be successfully changed from OIM. But if the table has an entry for the user, it fails.
Previously it was identified that those users who have FND_USER.USER_GUID value returns the error when their passwords are updated from OIM. But now the username have FND_USER.USER_GUID value and its password is updatable from EBS form and OIM.
Changes
Cause
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
Symptoms |
Changes |
Cause |
Solution |
References |